I need to build a app that upload video youtube, my question is about logging in google. My app is for only one client, i don't want the user need to logging in youtube then before allow access to my app. I think if I can set tokens in a config file, is this possible? If yes, how i get manually the tokens to store in the config file?
Yes. You authorize the application on YouTube, get the tokens and store them. The application will then use the tokens that were stored. I've done it before (mainly for testing purposes) and it will work fine.
Related
I would like to know what access token I require to achieve the following.
My Meteor app crawls various RSS feeds and makes a daily digest. I would like to automatically tweet about the daily digest when it is created, using the app's Twitter account.
As I see, in the doc, it seems that I need to use application owner access token and create my app using the app's Twitter account. Is this a correct approach?
Yes, that's correct. It's quite simple too.
Go to Twitter Apps and login with your regular twitter account
assuming you have one, if not you need to create one.
Once signed in click on Create New App button.
Fill out the application (Name, description, and whatever else it requires).
Create your key and access tokens. Share those with users that you trust as they'll be used to access the twitter API to read/write information.
Give the application you created a "Read and Write" permission based on what you asked in the question.
Then depending on the software/language you use there's a plenty of existing packages that can help you access and obtain the information from the API.
I have Java based website. I would like users to log into my website and then upload videos to youtube using my youtube account. Users should not be required to have their own youtube account since videos will be uploaded using my youtube account.
Does youtube support this scenario?
If so, is there a sample code that shows me how to do this in Java?
I have used UploadVideo.java sample provided by google (https://developers.google.com/youtube/v3/code_samples/java#upload_a_video), but it requires users to log into youtube account using their id and password. That is not my use case.
Please study the terms and conditions of the Youtube service ; I think they do not allow this:
https://www.youtube.com/static?gl=GB&template=terms
YouTube accounts
4.1 In order to access some features of the Website or other elements of the Service, you will have to create a YouTube account. When
creating your account, you must provide accurate and complete
information. It is important that you must keep your YouTube account
password secure and confidential.
4.2 You must notify YouTube immediately of any breach of security or unauthorised use of your YouTube account that you become aware of.
4.3 You agree that you will be solely responsible (to YouTube, and to others) for all activity that occurs under your YouTube account.
and
5.1.L: you agree not to access Content or any reason other than your personal, non-commercial use solely as intended through and permitted
by the normal functionality of the Service, and solely for Streaming.
"Streaming" means a contemporaneous digital transmission of the
material by YouTube via the Internet to a user operated Internet
enabled device in such a manner that the data is intended for
real-time viewing and not intended to be downloaded (either
permanently or temporarily), copied, stored, or redistributed by the
user.
You can not let other people use your YouTube account/channel. The way to do is using YouTube Direct Lite
You basically add a ytdl with playlist tag while uploading videos.
You can check Android Client for how to do it in Java.
As to whether it is technically possible, yes, see https://developers.google.com/youtube/v3/guides/using_resumable_upload_protocol
The technical problem here is users will be able to delete videos too if they have your access token with full permissions. basically you need to:
load your html page with the upload interface.
add to the onclick event of the upload button to send an ajax request to a script on your server which will:
return the access token of your account to the client
soon thereafter change the access token using the refresh token
Its still technically vulnerable though. a possible solution is to obtain the access token ONLY with the scope:
https://www.googleapis.com/auth/youtube.upload
There is a very good chance it will not be vulnerable then. You should test it.
Currently I am using a modified script to upload videos. I have taken the following example as a basis:
https://github.com/youtube/api-samples/blob/master/php/resumable_upload.php
This script uses browser based oauth flow.
Could you please tell me if it is possible to allow other users to upload videos to my channel without making them the channel managers? So that they could use my auth token.
If yes - how can it be inplemented?
Yes, that is definitely possible. You need to design an application that is capable of the following:
Authenticate the channel the videos shall be uploaded to via OAuth. As DalmTo said, you need to save the tokens. Whoever has the tokens has access to the channel.
Since your application has access to the channel by now, it (and therefore you) can decide what to upload. That means that you are responsible for granting or denying a specific user the right to upload something.
In order to do so, you could again use OAuth or any other method you like (e.g. you can use your backend accounts).
In other words, a user has to identify towards your application. Your application can then decide to take the user's content and upload it to the channel.
I have about a site with about 50 customers. They each have a user profile. They want to be able to automatically include their images which they store on DropBox in their profiles.
My idea is to make a Dropbox api that scans their folders (with their permission) and just include the images in their profile. I already know how to link directly to their images as long as I have the url.
I set up the Ruby API. Only question is : Do they have to authorize my app every time I try to access their images?
I want to somehow store authorization information for each client, then just reuse that info and access their images through the Ruby API. Is this possible? How is it done?
I think if I can just get past this authorization hurdle I can take care of the rest.
You can definitely do this. Just store the access token at the end of the OAuth flow and reuse it. From https://www.dropbox.com/developers/core/start/ruby:
The access token is all you'll need to make API requests on behalf of
this user, so you should store it away for safe-keeping (even though
we don't for this tutorial). By storing the access token, you won't
need to go through these steps again unless the user reinstalls your
app or revokes access via the Dropbox website.
All that I have researched integrating Dropbox iOS SDK requires logging in to authenticate/authenticate a user.
But this is what I want to accomplish
Use only one user account. (Without authorization)
Create a random public folder(in same account) and upload files to that folder.
Get the folder link.
It's basically sending generated files from the app to an account.
How can I possibly do this?
The API was designed with the intention that each user would link their own Dropbox account, in order to interact with their own files. However, it is technically possible to connect to just one account. The SDKs don't offer explicit support for it and we don't recommend doing so, for various technical and security reasons.
For example, any user who extracts the access token from your app will be able to read every file in the Dropbox account, delete everything, replace it, etc.
However if you did want to go this route, instead of kicking off the authorization flow, you would manually use an existing access token for your app. (Just be careful not to revoke it, e.g. via https://www.dropbox.com/account/applications.)